AI, Machine Learning Are the New Battleground for API Exploits, According to New Wallarm Report

SAN FRANCISCO--(BUSINESS WIRE)--Wallarm, the leading end-to-end API and app security company, today announced the release of its Q1 API ThreatStats™2024 Report. The quarterly report reveals a significant uptick in sophisticated cyber threats targeting APIs of AI infrastructure products including NVIDIA’s Triton Inference Server, ZenML and Hail. It also underscores notable API breaches among the world’s largest companies and the growing importance of advanced, proactive cybersecurity measures to defend against rapidly evolving attacks.

AI's hidden flaw: Why APIs are the real threat

The new report highlights the rising concern surrounding API attacks related to the new AI dev stack, especially as more organizations implement AI/LLM-driven features. As more AI products and tools rely on APIs, they are becoming increasingly vulnerable to new and potentially critical API security risks—a development that catches many off guard as organizations believe they need to start focusing on emerging LLM threats like prompt injection.

For instance, ZenML — a platform used by thousands of top-tier companies like Airbus and Goodyear for standardizing MLOps workflows — faced a critical API vulnerability, giving attackers unauthorized access to ZenML accounts. Additionally, NVIDIA’s Triton Inference Server — which standardizes AI model deployment and execution across diverse workloads — experienced an API vulnerability that allows unauthorized path traversal, potentially leading to consequences like code execution and data tampering.

The most vulnerable applications and vendor suites are also some of the most widely used

Another focal point of this quarter's report is the high-profile API attacks on widely used enterprise vendors. In fact, 43% of API threats discovered in Q1 were tied to popular enterprise applications. These threats continue to drive significant breaches at major companies, in some cases exposing millions of confidential records, some of which go undetected until the damage is done.

DevOps and DevTools are another route for attackers. API vulnerabilities span commonly used DevOps tools, with DevOps tools and development frameworks contributing a combined 42.6% to the vulnerability spectrum, according to the report.

API leaks continue to be one of the key threats

Mercedes-Benz experienced a major API leak — which started in September 2023 but was only discovered in January 2024 — when an employee’s GitHub token was exposed. This potentially gave unauthorized parties access to the automotive giant's GitHub Enterprise account and exposed source code, database and cloud providers keys, and internal docs. With access to this source code, attackers could potentially conduct a detailed analysis to identify security vulnerabilities.

“AI products’ growing reliance on APIs is both a strength and a vulnerability. The speed at which these technologies are being deployed far outpaces the readiness of current security measures designed to protect them, leaving them vulnerable to significant risks. And the report shows that even enterprise vendors trusted by the world’s top companies aren’t safe,” said Ivan Novikov, CEO of Wallarm, which was named a leader in the GigaOm Radar report for API Security.

“The latest ThreatStats report highlights the urgency of addressing these security challenges and provides a roadmap for CISOs to navigate the complexities of AI-driven environments. It also emphasizes the need for a partner like Wallarm that provides proactive cybersecurity measures as a defense to rapidly evolving threats,” continued Novikov.

The escalation of API and AI-related vulnerabilities stresses the need for all industries to be fully aware of such risks and implement comprehensive security measures to protect against evolving and sophisticated threats. For a balanced and effective security posture, the report recommends organizations: elevate API and AI security to a boardroom priority, communicating the business impact of API vulnerabilities; and invest in integrated API security solutions that provide API discovery, API leak management and real-time mitigation of critical threats.

To view the full Q1 API ThreatStats™2024 Report, please visit https://www.wallarm.com/resources/api-threatstats-tm-report-q1-2024.

‍